Lucene search
+L

6 matches found

Tenable Nessus
Tenable Nessus
added 2025/08/27 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2022-42905

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In wolfSSL before 5.5.2, if callback functions are enabled via the WOLFSSLCALLBACKS flag, then a malicious TLS 1.3 client or network attacker can trigger a buff...

9.1CVSS7.5AI score0.01959EPSS
Exploits2References2
OSV
OSV
added 2023/08/31 12:15 p.m.5 views

BELL-CVE-2022-42905 CVE-2022-42905 does not affect BellSoft software

Bulletin has no description...

9.1CVSS5.8AI score0.01959EPSS
Exploits2References1
0day.today
0day.today
added 2023/01/22 12:0 a.m.333 views

wolfSSL 5.5.2 WOLFSSL_CALLBACKS Heap Buffer Over-Read Vulnerability

wolfSSL before 5.5.2: Heap-buffer over-read with WOLFSSLCALLBACKS ==================================================================== INFO ======= The CVE project has assigned the id CVE-2022-42905 to this issue. Severity: 9.1 CRITICAL Affected version: before 5.5.2 End of embargo: Ended October...

9.1CVSS0.2AI score0.01959EPSS
Exploits2
Packet Storm
Packet Storm
added 2023/01/20 12:0 a.m.370 views

wolfSSL WOLFSSL_CALLBACKS Heap Buffer Over-Read

wolfSSL before 5.5.2: Heap-buffer over-read with WOLFSSLCALLBACKS ==================================================================== INFO ======= The CVE project has assigned the id CVE-2022-42905 to this issue. Severity: 9.1 CRITICAL Affected version: before 5.5.2 End of embargo: Ended October...

9.1CVSS0.01959EPSS
Exploits2
NVD
NVD
added 2022/11/07 12:15 a.m.33 views

CVE-2022-42905

In wolfSSL before 5.5.2, if callback functions are enabled via the WOLFSSLCALLBACKS flag, then a malicious TLS 1.3 client or network attacker can trigger a buffer over-read on the heap of 5 bytes. WOLFSSLCALLBACKS is only intended for debugging...

9.1CVSS0.01959EPSS
Exploits2References6
CVE
CVE
added 2022/11/06 12:0 a.m.125 views

CVE-2022-42905

CVE-2022-42905 affects wolfSSL prior to 5.5.2. When WOLFSSL_CALLBACKS is enabled, a malicious TLS 1.3 client or network attacker can trigger a heap buffer over-read (at least 5 bytes). This impacts confidentiality and availability (per CVSS). The flaw originates in the way callbacks are handled a...

9.1CVSS9.3AI score0.01959EPSS
Exploits2References6Affected Software1
Rows per page
Query Builder